AzPolicyAdvertizer

last sync: 2025-Apr-29 17:16:02 UTC

[Deprecated]: Endpoint protection should be installed on your machines

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

[Deprecated]: Endpoint protection should be installed on your machines

1f7c564c-0a90-4d44-b7e1-9d456cffaee8

Version

1.1.0-deprecated
Details on versioning

Versioning

Versions supported for Versioning: 2
1.1.0 (1.1.0-deprecated)
1.0.0
Built-in Versioning [Preview]

Category

Security Center
Microsoft Learn

Description

To protect your machines from threats and vulnerabilities, install a supported endpoint protection solution.

Cloud environments

AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown

Available in AzUSGov

The Policy is available in AzureUSGovernment cloud. Version: '1.0.0-deprecated'
Repository: Azure-Policy 1f7c564c-0a90-4d44-b7e1-9d456cffaee8

Mode

All

Type

BuiltIn

Preview

False

Deprecated

True

Effect

Default
Disabled
Allowed
AuditIfNotExists, Disabled

RBAC role(s)

none

Rule aliases

THEN-ExistenceCondition (1)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.Security/assessments/status.code	Microsoft.Security	assessments	properties.status.code	True		False

Rule resource types

IF (3)

Microsoft.ClassicCompute/virtualMachines
Microsoft.Compute/virtualMachines
Microsoft.HybridCompute/machines

Compliance

The following 1 compliance controls are associated with this Policy definition '[Deprecated]: Endpoint protection should be installed on your machines' (1f7c564c-0a90-4d44-b7e1-9d456cffaee8)

Control Domain	Control	Name	MetadataId	Category	Title	Owner	Requirements	Description	Info	Policy#
NZ_ISM_v3.5	SS-3	NZ_ISM_v3.5_SS-3	NZISM Security Benchmark SS-3	Software security	14.1.9 Maintaining hardened SOEs	Customer	n/a	Whilst a SOE can be sufficiently hardened when it is deployed, its security will progressively degrade over time. Agencies can address the degradation of the security of a SOE by ensuring that patches are continually applied, system users are not able to disable or bypass security functionality and antivirus and other security software is appropriately maintained with the latest signatures and updates. End Point Agents monitor traffic and apply security policies on applications, storage interfaces and data in real-time. Administrators actively block or monitor and log policy breaches. The End Point Agent can also create forensic monitoring to facilitate incident investigation. End Point Agents can monitor user activity, such as the cut, copy, paste, print, print screen operations and copying data to external drives and other devices. The Agent can then apply policies to limit such activity.	link	15

Initiatives usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type	polSet in AzUSGov
[Deprecated]: New Zealand ISM Restricted v3.5	93d2179e-3068-c82f-2428-d614ae836a04	Regulatory Compliance	Deprecated	BuiltIn	unknown

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2024-10-31 18:50:28	change	Minor, new suffix: deprecated (1.0.0 > 1.1.0-deprecated)
2021-08-30 14:27:30	add	1f7c564c-0a90-4d44-b7e1-9d456cffaee8

JSON compare

compare mode: version left: version right:

JSON

api-version=2021-06-01
EPAC